Adobe recommends users update their product installations to the latest versions:
- Users of Adobe Flash Player 19.0.0.245 and earlier versions for IE should update to Adobe Flash Player 20.0.0.228.
- Users of Adobe Flash Player 19.0.0.245 and earlier versions for Firefox (Windows) should update to Adobe Flash Player 20.0.0.235.
- Users of Adobe Flash Player 19.0.0.245 and earlier versions for Macintosh should update to Adobe Flash Player 20.0.0.228.
- Adobe Flash Player installed with Google Chrome will be automatically updated to the current version.
- Adobe Flash Player installed for Internet Explorer on Windows 8.0/8.1 will be automatically updated to the current version.
- Adobe Flash Player installed for Microsoft Edge and Internet Explorer 11 on Windows 10 will be automatically updated to the current version.
- Users of Adobe Flash Player 11.2.202.508 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.554.
Download Flash Player 20.0.0.228
The following downloads provide the Adobe Flash Player 20.0.0.228 installers for Windows, Linux and Mac OS X. Download the files appropriate for you:
Overview
Adobe Flash Player 20 drives innovation for rich, engaging digital experiences with new features for cross-platform browser-based viewing of expressive rich internet applications, content, and videos across devices. This release provides access to the Flash Player 20.0 runtime for Windows desktop, Mac OS, iOS and Android environments.
What's new in Flash Player 20.0
Adobe Flash Player 20.0 includes the following:
Android SDK Upgrade
With AIR 20, the latest Android SDK version 24.3.4 is now using in the AIR Runtime
SecureSocket API Support for iOS
This release introduced Secure socket support for AIR iOS applications. Using this feature, developers will be able to make socket connections using the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
The supported encryption protocols are those higher than SSL 3.0, and TLS 1.0 and higher. SSL version 3.0 and lower are not supported.
Secure socket support for iOS is available from AIRSDK 20.0. Please use swf-version 31 or greater and namespace 20.0 or greater to access this
feature.
AIR 64 bit on Mac OS X
This release only be providing a 64 bit Runtime dynamic Library on Mac OS X. This means that all new applications created by AIR developers will be running on this 64 bit Runtime on Mac OS X, and all the existing shared, captive, and native applications will continue to work on this 64 bit Runtime on Mac OS X.
Provide Video Rotation Information to Action Script as Meta Data
Flash Player 20 providing video matrix information to ActionScript as a part of meta data object of the onMetaData event (which is a property of NetStream.Client). ActionScript developers can use these matrices to render the videos as needed.
PPAPI Vector Printing
Flash Player 20 introduced vector printing for PPAPI on Windows, thus giving a better printing experience from PPAPI supported browsers and applications. Bitmap printing is still supported for content that requests it.
Flash Player "Enable Hardware acceleration" setting for Edge and IE on Windows 8/10
The “Enable Hardware acceleration” option has been introduced to support the manual switching between software and hardware accelerated operations for the following features:
- Video playback
- Stage3D rendering
For a full list of features in Flash Player and AIR, including features introduced in previous releases, please review the document here.
Security fixes:
This release contains the following security fixes:
- Fixed heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-8438, CVE-2015-8446).
- Fixed memory corruption vulnerabilities that could lead to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417, CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8455, CVE-2015-8045, CVE-2015-8418, CVE-2015-8060, CVE-2015-8419, CVE-2015-8408).
- Fixed security bypass vulnerabilities (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).
- Fixed a stack overflow vulnerability that could lead to code execution (CVE-2015-8407).
- Fixed a type confusion vulnerability that could lead to code execution (CVE-2015-8439).
- Fixed an integer overflow vulnerability that could lead to code execution (CVE-2015-8445).
- Fixed a buffer overflow vulnerability that could lead to code execution (CVE-2015-8415)
- Fixed use-after-free vulnerabilities that could lead to code execution.
*Version 20.0.0.235 for Adobe Flash Player for Firefox.
Sources:
Adobe Flash Player 20 Release Notes
Adobe Security Bulletins and Advisories
APSB15-32 Security updates available for Adobe Flash Player
No comments:
Post a Comment